Source: Anonymous attacks on Sony annoying, not much more

A source at the hosting provider for many of Sony's websites says that recent …

The total amount of firepower used to flood Sony websites this week? It's only "medium strength," says a source at Sony's hosting provider who is not authorized by his employer to speak on the record.

The hacker collective Anonymous has been hammering Sony all week—both online and off—over the company's lawsuit against PlayStation 3 hacker George Hotz ("GeoHot"). The online attacks have largely used the Anonymous tool of choice, the Low Orbit Ion Cannon (LOIC), to flood Sony's servers with enough information to create a distributed denial of service attack. LOIC was built as a network stress-testing tool but has been repurposed by Anonymous to create voluntary botnets in which Anons contribute bandwidth to take down a shared target.

It's an effective tool; Sony websites have been bouncing up and down all this week, and the job site sonycareers.com is currently down after being targeted by Anonymous. But it's not exactly the nuclear bomb of Internet weaponry, not unless Anonymous can marshal many more machines.

A source at Sony's hosting provider, which handles operations like Sony Computer Entertainment America (SCEA) and Sony Music, tells Ars that the DDoS attacks have been underwhelming. The source characterized them more as an annoyance than an unstoppable force. They "annoyed our network engineers," says the source, but are only of "medium strength."

So why have Sony servers been going down all week? The source said that the data flood wasn't overwhelming, but it was coming from a large enough number of IP addresses that it took the hosting provider's engineers time to block them all. Big batches of offending IP addresses are sent to the engineers, who blacklist them; in the meantime, a specific domain might go down "for an hour" or so while the blocks are put into place. The server then comes back up. According to the source, this takes time, but it's not difficult.

Anonymous has attacked this hosting provider before, when it was going after some luxury goods manufacturers. (For instance, last month Anonymous launched Operation Skankbag against Louis Vuitton, after Vuitton tried to stop an artist from selling shirts showing an African child with a handbag.) The current round of Sony attacks is much stronger than the luxury goods attacks.

Anonymous has many enemies

The hosting provider has already sent the word around internally, warning all employees about possible social engineering attempts to access the Sony servers or otherwise interfere with the Sony account.

For now, the hosting provider just plays a game of Whac-a-Mole with batches of IP addresses, blocking the offending traffic. Sony has also apparently signed on with Prolexic, a DDoS mitigation service that can scrub incoming traffic or employ other tricks to make sites harder to take down. Prolexic did not respond to our request for an interview, but various Anons involved in the Sony attacks worried about Prolexic's ability to withstand an assault.

KoraX: Prolexic will absorb anything that loic can throw at it,
innocent_whistler: didnt scientolodgy hire prolexic agenst us befor
KoraX: Thats why sony.com won't go down
KoraX: innocent_whistler: indeed they did!
DrQuestion: I thought it was down
KoraX: naw, The auth site is down, other sites are down,
from what i can see sony.com is up
KoraX: And yes, its me
Ghoster^: yeah they wont go down, if they are under prolexic
Ghoster^: we have to plan for another course of action
Elitestate: sweet, what is it?
Ghoster^: thats why i said we have to plan.. haha

The involvement of Prolexic also made the company fair game for targeting (and indeed, some Anons spent time digging up information on the company's founder).

sprog: listen its going to take a lot to down sony, this is what
prolexic is paid for to protect companies against ddos attacks,
this foiled one of our plans before
sonyrecon335: I've messaged Journalists - it's now just a waiting game.
Takai, could I ask that I now go after Prolexic employees,
as they're standing in the way of our #Opsony's current objective?
Takai: Have at'er :)
WhiteRabbit: its pretty much game over....Plolexic can stop attack at 150GBps.
narc0synthesis: hahaha unless we r00t prolexic and fuck them up,
make them back off

As for the hosting provider, the plan is to wait until Anonymous just runs out of steam. "They're going to get bored," says our source.

LOIC was built as a network stress-testing tool but has been repurposed by Anonymous to create voluntary botnets in which Anons contribute bandwidth to take down a shared target.

I've seen you say this several times before, and I have to quibble with it. LOIC is and always was a DOS tool. I don't understand the need to euphemize it by calling it a "repurposed stress-testing tool".

The hiring of Prolexic is good news for Anonymous. It means they are succeeding in costing Sony money. But regardless of what Anonymous does or does not do in this operation, or whether they succeed or fail in their objectives, I continue to focus on the fact that Sony's behavior has been completely disdainful. Should a corporation really be able to get your IP address because you visited the "wrong" website or viewed the "wrong" video? And what about removing functionality after you've bought their product? These are the real issues here.

LOIC was built as a network stress-testing tool but has been repurposed by Anonymous to create voluntary botnets in which Anons contribute bandwidth to take down a shared target.

I've seen you say this several times before, and I have to quibble with it. LOIC is and always was a DOS tool. I don't understand the need to euphemize it by calling it a "repurposed stress-testing tool".

I'm not seeing where he called it a "repurposed stress-testing tool" as you've claimed. In the quote from the article which you included, it was stated as "repurposed by Anonymous to create voluntary botnets in which Anons contribute bandwidth to take down a shared target". So it was a stress-testing tool that was repurposed in order to become an attack tool. Seems pretty obvious to me, both from this article's description and previous articles where Nate has mentioned it.

I fail to see what you're taking offense to in the description, other than trying to maybe upstage the author?

I knew they wouldn't be able to take down Sony. If they couldn't take down Angel Soft toilet paper or whoever it was, how are they going to take down someone with much more significant network resources, budget, and experience? Given their fragmented nature, Anonymous just isn't going to be able to rally the resources to fight someone like Sony (especially if they're bringing Prolexic on board), not without getting really creative or really lucky.

if they manage to take out prolexic...I'm not gunna lie...I'll be impressed

Their real problem is that they have only a hammer. They are bashing on metal armor though. They need to up their arsenal otherwise they are basically going to be doing what Germany was doing during WW2. Fight everyone and their mothers, and then find more people to fight.

I wonder...if they took down Sony leaving an implausible Sony sized hole in the economy if that would have an effect on mister Hotz's social life being the inspiration for the lack of 4D PS4's.

Though considering how large Sony is I'm fairly certain a few DDoS attacks aren't really going to hurt their sales of amazing 3D TVs etc. The PlayStation division itself seems important but remove it and Sony's taken down? Sure Anon, you win, now no one gets any PS4s or any more PS3 stuff ever again...oh but Sony is alive and well, you just limited the console battlefield to the 360 versus the Wii.

LOIC was built as a network stress-testing tool but has been repurposed by Anonymous to create voluntary botnets in which Anons contribute bandwidth to take down a shared target.

I've seen you say this several times before, and I have to quibble with it. LOIC is and always was a DOS tool. I don't understand the need to euphemize it by calling it a "repurposed stress-testing tool".

I'm not seeing where he called it a "repurposed stress-testing tool" as you've claimed. In the quote from the article which you included, it was stated as "repurposed by Anonymous to create voluntary botnets in which Anons contribute bandwidth to take down a shared target". So it was a stress-testing tool that was repurposed in order to become an attack tool. Seems pretty obvious to me, both from this article's description and previous articles where Nate has mentioned it.

I fail to see what you're taking offense to in the description, other than trying to maybe upstage the author?

Because it never was a "stress-testing tool" (according to Bad Monkey!) - it is and always has been a tool for denial of service attacks. The Wikipedia article doesn't indicate it was ever used for anything other than to bring about the will of Anon.

LOIC was built as a network stress-testing tool but has been repurposed by Anonymous to create voluntary botnets in which Anons contribute bandwidth to take down a shared target.

I've seen you say this several times before, and I have to quibble with it. LOIC is and always was a DOS tool. I don't understand the need to euphemize it by calling it a "repurposed stress-testing tool".

I'm not seeing where he called it a "repurposed stress-testing tool" as you've claimed. In the quote from the article which you included, it was stated as "repurposed by Anonymous to create voluntary botnets in which Anons contribute bandwidth to take down a shared target". So it was a stress-testing tool that was repurposed in order to become an attack tool. Seems pretty obvious to me, both from this article's description and previous articles where Nate has mentioned it.

I fail to see what you're taking offense to in the description, other than trying to maybe upstage the author?

So you agree with me that Nate claims that it was a "stress-testing tool" that was "repurposed", aka "a repurposed stress-testing tool". And I don't take offense to it so much as don't see the need to equivocate over LOIC's original purpose; even the original author of the software calls it a DOS tool.

I have a question about Operation Skankbag. How did giving replica bags to homeless people hurt Louis Vuitton financially? I'm assuming they didn't lose sales because homeless people were no longer going to buy real bags. Were rich people going to notice Louis Vuitton was the latest fashion amongst the rabble, and decide it's no longer good enough? Do Louis Vuitton buying people even notice what homeless people do? What am I missing?

Let them have their fun. If they can actually change something by annoying Sony more power to them.

If not, who honestly cares? They aren't attacking anything I particularly care about anyway. Even if they were attacking Microsoft (Xbox360 user), I have enough other stuff going on in my life to not bitch about it on the intarwebs.

That wouldn't make sense since the death star is sony branded. If there were rebel fighters, then the masks would have belonged in the cockpits. In this case the masks are 'replacing' the rebel fighters. Spot on art in my book.

Interesting coverage as always. The press may be hampering anon a bit here from a logistics standpoint - still *grabs popcorn*

LOIC was built as a network stress-testing tool but has been repurposed by Anonymous to create voluntary botnets in which Anons contribute bandwidth to take down a shared target.

I've seen you say this several times before, and I have to quibble with it. LOIC is and always was a DOS tool. I don't understand the need to euphemize it by calling it a "repurposed stress-testing tool".

My understanding was that the tool had been written, then open-sourced, then further refined to make it especially good for the sort of mass hivemind attacks Anonymous now uses.

For instance, here's Computerworld last year: "The open-source tool, which is sometimes classified as a legitimate network- and firewall-stress testing utility, is being downloaded at the rate of about 1,000 copies per hour, said Tal Be'ery, the Web research team lead at Imperva's Application Defense Center."

That wouldn't make sense since the death star is sony branded. If there were rebel fighters, then the masks would have belonged in the cockpits. In this case the masks are 'replacing' the rebel fighters. Spot on art in my book.

Alright, that's a fair point, but in that case, the Fawkes masks should be shooting red blaster beams out of their eyes.

I mean just look at their conversations and that overly dramatized line in the Vuitton poster: "We do not forgive. We do not forget. Expect us." Come on. Grow up. They sound like immature kids. And they're attacking the wrong people. Most people I know don't hate Sony and wouldn't begin to just because of a lawsuit against a hacker.

Interesting read; I didn't realize there were organizations that could be hired to stand between a hosting provider and a DDoS attack. Nate, out of curiosity, how did you get these guys to talk, even off the record? Usually you'd think they'd want to keep a low profile, in the event they could be seen by management as giving up confidential information?

What a remarkably unambiguous article. It even tries to get away with the implication Anon attacks were ever more than an annoyance to, well, anyone.

Let's face it, bringing down a site for a day or even two is not that big of a deal. Hardly a blip in a 99% availability record. And then you get into the problem Anon has vs people who actually infect computers and use them as hosts: they're actually doing it themselves. Blocking their IP actually matters and might adversely affect them if someone god forbid wants to play a game online. Blocking the IP of a zombie is usually meaningless.

Anon also gets bored fast. Not fast as in /b/ fast, fast as in actually making a difference fast. If they could actually and consistently bring down sites for months or years that would be a big deal. Days? Not so much. DDoS is malevolent but hardly anything new and companies are pretty well-prepared against it.

Anon: The Louis Vuitton thing was awesome. The scientology shit was good. The HBGary thing was pretty OK. Keep those up. This shit DOES NOT MAKE A FUCKING BIT OF A DIFFERENCE IN A TERABYTE.

if they manage to take out prolexic...I'm not gunna lie...I'll be impressed

Their real problem is that they have only a hammer. They are bashing on metal armor though. They need to up their arsenal otherwise they are basically going to be doing what Germany was doing during WW2. Fight everyone and their mothers, and then find more people to fight.

Anon has repeatedly demonstrated that it has a lot more than a hammer in its toolkit. That said, their footsoldiers are given hammers, and frequently that's enough.

The question arises about whether or not they break out the specialists (read, the specialists decide it's worth their time for lulz) to do more than just hammer away.

The hiring of Prolexic is good news for Anonymous. It means they are succeeding in costing Sony money. But regardless of what Anonymous does or does not do in this operation, or whether they succeed or fail in their objectives, I continue to focus on the fact that Sony's behavior has been completely disdainful. Should a corporation really be able to get your IP address because you visited the "wrong" website or viewed the "wrong" video? And what about removing functionality after you've bought their product? These are the real issues here.

We all accept the fact we don't own the software we buy, we rent it. Sony is bringing to the forefront of whether we own the hardware we buy or whether we rent it also. If that is where we are heading then please Sony rent me the PS3 and rent me my games and rent me any peripherals I need to play the game at a much better price than what you are charging now. Please Sony, state up front before I lay my money down that is what you are doing so I can make an informed decision on whether I want to rent your equipment at such an inflated price vs next door at the electronic rental boutique which is much cheaper. Oh but if that happens companies won't pay you to piggyback on your PS3, because no one will sign up to rent or purchase their products using your console.

Interesting read; I didn't realize there were organizations that could be hired to stand between a hosting provider and a DDoS attack. Nate, out of curiosity, how did you get these guys to talk, even off the record? Usually you'd think they'd want to keep a low profile, in the event they could be seen by management as giving up confidential information?

And another great graphic, Aurich. Thanks for the chuckle.

Sorry, can't really say much about the hosting provider source. The source is not supposed to be talking to the media.

As far as Anonymous, they talk plenty! Just check out their chat rooms.

DAE feel like ARS is killing their credibility every time they cover 4chan? These stories give the forum way too much credit, when there's only a handful of members who have any real hacking skill. The vast majority of the members are misfit high school kids.

It's only a matter of time until these guys are sniffed out. They've been racking up a lot of powerful enemies recently. Not only that, they have many many more concerned that have taken an interest in them too!

DAE feel like ARS is killing their credibility every time they cover 4chan? These stories give the forum way too much credit, when there's only a handful of members who have any real hacking skill. The vast majority of the members are misfit high school kids.

Let's compare this to WWII: things like cracking the Enigma, weapons advancements, etc. all helped win the war. But the war itself was fought by the millions with the basic tools, guns, planes, tanks, etc.

If Anonymous actually had enough people, they could do a significant amount of damage to corporations. Hell, they could for a political party and do damage that way instead. Never discount the ignorant masses.

If Anonymous actually had enough people, they could do a significant amount of damage to corporations. Hell, they could for a political party and do damage that way instead. Never discount the ignorant masses.

But they don't have enough people. They don't have enough because they're a fringe group, not a mainstream movement.